Module ControlledString

Import path

semmle.code.java.security.ControlledString

Imports

Expr

Provides classes for working with Java expressions.

Validation

Predicates

controlledString

Strings that are known to not include any special characters, due to being fully controlled by the programmer.

endsInQuote

A static analysis of strings that end in a single quote. When such a string is concatenated with another string, it suggests the programmer believed the appended value needed quoting. However, it is better to use a prepared query than to just put single quotes around the string.
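The following query is an added example, not part of the CodeQL library or of this page. It shows one way the two predicates can be combined, assuming both take a single `Expr` argument. The `@id`, the alert message and the Java lines in the comments are constructed for illustration.

```ql
/**
 * @name Quoted string concatenated with an uncontrolled value (added example)
 * @kind problem
 * @id example/quote-then-uncontrolled-concat
 */

import java
import semmle.code.java.security.ControlledString

// Constructed Java input, with the intended outcome for each line:
//
//   "SELECT * FROM users WHERE name = '" + request.getParameter("n") + "'"
//     -> reported: the left operand ends in a quote and the appended
//        value is not under the programmer's control.
//
//   "SELECT * FROM users WHERE role = '" + "admin" + "'"
//     -> not reported: the appended value is a literal written by the
//        programmer, so it is expected to count as a controlled string.
//
//   "SELECT * FROM users WHERE id = " + userId
//     -> not reported by this query: the left operand does not end in a
//        quote, so the quoting heuristic does not apply.

from AddExpr concat, Expr quoted, Expr appended
where
  // Left-hand side looks like the opening half of a hand-quoted value.
  quoted = concat.getLeftOperand() and
  endsInQuote(quoted) and
  // Right-hand side is the value being wrapped in quotes.
  appended = concat.getRightOperand() and
  // Ignore values that cannot contain special characters.
  not controlledString(appended)
select concat,
  "A string ending in a quote is concatenated with $@, which is not programmer-controlled; use a prepared query instead.",
  appended, "this value"
```

This example matches every string concatenation in the code base, not only those that reach a query API, so a production query would also restrict `concat` to expressions that flow into a SQL sink.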